diff --git a/js/src/ds/LifoAlloc.h b/js/src/ds/LifoAlloc.h
index 807313c2af30..8e3b45fea554 100644
--- a/js/src/ds/LifoAlloc.h
+++ b/js/src/ds/LifoAlloc.h
@@ -11,6 +11,11 @@
 #include "mozilla/Attributes.h"
 #include "mozilla/DebugOnly.h"
 #include "mozilla/GuardObjects.h"
+#include "mozilla/ASan.h"
+
+#if defined(MOZ_VALGRIND)
+#include "valgrind/memcheck.h"
+#endif
 /*
 * This data structure supports stacky LIFO allocation (mark/release and
@@ -66,7 +71,9 @@ class BumpChunk
 void setBump(void *ptr) {
 JS_ASSERT(bumpBase() <= ptr);
 JS_ASSERT(ptr <= limit);
- mozilla::DebugOnly prevBump = bump;
+#if defined(DEBUG) || defined(MOZ_ASAN) || defined(MOZ_VALGRIND)
+ char* prevBump = bump;
+#endif
 bump = static_cast(ptr);
 #ifdef DEBUG
 JS_ASSERT(contains(prevBump));
@@ -75,6 +82,19 @@ class BumpChunk
 if (prevBump > bump)
 memset(bump, 0xcd, prevBump - bump);
 #endif
+
+ /* Poison/Unpoison memory that we just free'd/allocated */
+#if defined(MOZ_ASAN)
+ if (prevBump > bump)
+ ASAN_POISON_MEMORY_REGION(bump, prevBump - bump);
+ else if (bump > prevBump)
+ ASAN_UNPOISON_MEMORY_REGION(prevBump, bump - prevBump);
+#elif defined(MOZ_VALGRIND)
+ if (prevBump > bump)
+ VALGRIND_MAKE_MEM_NOACCESS(bump, prevBump - bump);
+ else if (bump > prevBump)
+ VALGRIND_MAKE_MEM_UNDEFINED(prevBump, bump - prevBump);
+#endif
 }
 public:
diff --git a/layout/base/nsPresArena.cpp b/layout/base/nsPresArena.cpp
index 1bbbca8d057f..8721eecbc398 100644
--- a/layout/base/nsPresArena.cpp
+++ b/layout/base/nsPresArena.cpp
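Review bot: In BumpChunk::setBump (js/src/ds/LifoAlloc.h, third hunk) only bytes that a bump move passes over are ever poisoned, so the unused tail of a chunk between `bump` and `limit` stays addressable to ASan and Valgrind until something has been allocated there and released again. Unless the chunk constructor, which is outside this diff, already marks that tail, an overrun past the newest allocation into never-used chunk space will go unreported; poisoning `[bump, limit)` once at chunk creation would close that gap. The ASan branch also deserves a comment that the poison call works at shadow-granule resolution and may leave a partial granule at either edge addressable, e.g. `/* ASan may skip partial (typically 8-byte) granules at the region edges. */`. setBump's body begins in the previous hunk, where `prevBump` is declared under a matching `#if`, and two of its lines between the hunks are not shown.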
@@ -24,21 +24,9 @@
 #endif
 #include "mozilla/StandardInteger.h"
+#include "mozilla/ASan.h"
-#if defined(MOZ_ASAN)
-// XXX These come from sanitizer/asan_interface.h but that header doesn't seem
-// to be installed by default?
-extern "C" {
- void __asan_poison_memory_region(void const volatile *addr, size_t size)
- __attribute__((visibility("default")));
- void __asan_unpoison_memory_region(void const volatile *addr, size_t size)
- __attribute__((visibility("default")));
-#define ASAN_POISON_MEMORY_REGION(addr, size) \
- __asan_poison_memory_region((addr), (size))
-#define ASAN_UNPOISON_MEMORY_REGION(addr, size) \
- __asan_unpoison_memory_region((addr), (size))
-}
-#elif defined(MOZ_VALGRIND)
+#if defined(MOZ_VALGRIND)
 #include "valgrind/memcheck.h"
 #endif
diff --git a/mfbt/ASan.h b/mfbt/ASan.h
new file mode 100644
index 000000000000..fd728d7bb8cd
--- /dev/null
+++ b/mfbt/ASan.h
@@ -0,0 +1,27 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Provides ASan (AddressSanitizer) specific functions that are normally
+ * provided through the sanitizer/asan_interface.h header installed by ASan.
+ */
+
+#ifndef mozilla_ASan_h_
+#define mozilla_ASan_h_
+
+#ifdef MOZ_ASAN
+extern "C" {
+ void __asan_poison_memory_region(void const volatile *addr, size_t size)
+ __attribute__((visibility("default")));
+ void __asan_unpoison_memory_region(void const volatile *addr, size_t size)
+ __attribute__((visibility("default")));
+#define ASAN_POISON_MEMORY_REGION(addr, size) \
+ __asan_poison_memory_region((addr), (size))
+#define ASAN_UNPOISON_MEMORY_REGION(addr, size) \
+ __asan_unpoison_memory_region((addr), (size))
+}
+#endif
+
+#endif /* mozilla_ASan_h_ */
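Review bot: The new mfbt/ASan.h declares both `__asan_*` functions with `size_t` parameters but includes nothing that defines `size_t`, so it compiles only when the includer has already pulled in a definition; adding `#include <stddef.h>` inside the include guard makes the header self-contained. The `ASAN_POISON_MEMORY_REGION` and `ASAN_UNPOISON_MEMORY_REGION` macros exist only under `MOZ_ASAN`, so every call site must carry its own `#if defined(MOZ_ASAN)`, and one that forgets it fails only in non-ASan builds. An `#else` branch with no-op definitions such as `#define ASAN_POISON_MEMORY_REGION(addr, size) ((void)(addr), (void)(size))`, and the same for the unpoison macro, would let callers use the macros unconditionally. As a point of style, the `#define`s sit inside the `extern "C"` block, which has no effect on macros; placing them after the closing brace reads more clearly.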
diff --git a/mfbt/exported_headers.mk b/mfbt/exported_headers.mk
index ffd3405a5c50..2357c9c6121f 100644
--- a/mfbt/exported_headers.mk
+++ b/mfbt/exported_headers.mk
@@ -9,6 +9,7 @@
 EXPORTS_NAMESPACES += mozilla
 EXPORTS_mozilla += \
+ ASan.h \
 Assertions.h \
 Attributes.h \
 BloomFilter.h \